Im having an issue with windows proxy configuration, Normally I used the registry keys in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyServer ProxyOverride Proxy Enable etc to enable the proxy for everything but WSUS and my local adobe update server and I had no issues with wsus however after reading that the windows store doesn't use these settings

(initially bypass-list="WSUS.MyDomain.com:8531" but ive added the above to try and get wsus working)

and then after forcing a gpupdate I tried windows update which showed no problems. Then after noticing an event log entry about the number of failed updates today I went in to the wsus console to discover every computer has the ip address of the tmg server

Even though ive set exclusions all the wsus traffic is going through the proxy. Ive tried setting an exclusion for the wsus server inside the TMG proxy server domain exclusions with no luck.

Should I kill the IE proxy definitions and just relay on winhttp or what ?

Why don't you just use a pac file for your proxy settings on your clients - then the only thing you have to hand out to clients via script or group policy is the location of the pac file. You can then do whatever you want with bypasses, using lots of different if's and else's -- you can get as fancy as you need to for bypass, use different proxy, etc.. etc..

And just need to update the pac file for all clients to get the changes - no need to rerun a login script or update group policy on any changes, etc.

Why don't you just use a pac file for your proxy settings on your clients - then the only thing you have to hand out to clients via script or group policy is the location of the pac file. You can then do whatever you want with bypasses, using lots of different if's and else's -- you can get as fancy as you need to for bypass, use different proxy, etc.. etc..

And just need to update the pac file for all clients to get the changes - no need to rerun a login script or update group policy on any changes, etc.